In the modern electronics driven world, there is wide spread usage of electronic communication devices such as mobile phones, video phones, personal digital assistants (PDA), laptop computers, and smart phones. Electronic communication devices, in addition to providing voice communication, can be used to enable data communication and storage of data communication. An electronic communication device that can provide data communication may be subject to security measures by device users and/or administrators so as to protect sensitive data being communicated.
Typically, security measures for data communication or exchange between electronic communication devices include: a) encryption and decryption of exchanged data with asymmetrical or symmetrical encryption keys, and/or b) authentication between devices that are parties to the data exchange. A concern with the use of encryption keys for encryption/decryption of data is that the encryption keys somehow may be acquired by unauthorized users, who will then employ such keys to conduct fraudulent data communication or exchange with authorized users. Thus, additional security measures must be implemented to safeguard the encryption keys. While device authentication ensures that devices partying to the data communication or exchanged are authorized devices, it does not guarantee that users of the authorized devices are actually authorized users. That is, an authorized device may fall into the hands of an unauthorized user, who will then have the ability to fraudulently conduct data exchange with an authorized user.
Accordingly, there is an interest in authenticating not only electronic communication devices for authorized data communication but also users of such electronic communication devices to prevent unauthorized users from fraudulently accessing sensitive data and/or fraudulently transmitting data to authorized users.